CAST-128 and CAST-256

CAST-128, also known as CAST5, is a block cipher used in a number of products, notably as the default cipher in some versions of GNU Privacy Guard (GPG) and Pretty Good Privacy (PGP) systems. It has also been approved for Canadian government use by the Communications Security Establishment. CAST-128 was created in 1996 by Carlisle Adams and Stafford Tavares. Howard Heys and Michael Wiener also contributed to the design.

CAST-128 is a 12- or 16-round Feistel network with a 64-bit block size and a key size of between 40 and 128 bits (but only in 8-bit increments). The full 16 rounds are used when the key size is longer than 80 bits. Components include large 8 x 32-bit S-boxes based on bent functions, key-dependent rotations, modular addition and subtraction, and XOR operations. There are three alternating types of round function, but they are similar in structure and differ only in the choice of the exact operation (addition, subtraction or XOR) at various points.

CAST-256, also known as CAST6, was derived from CAST-128 and published in June 1998. It was submitted as a candidate for the Advanced Encryption Standard (AES), however it was not among the five AES finalists.CAST-256 uses the same elements as CAST-128, including S-boxes, but is adapted for a block size of 128 bits – twice the size of its 64-bit predecessor. Acceptable key sizes are 128, 160, 192, 224 or 256 bits. CAST-256 is composed of 48 rounds, sometimes described as 12 “quad-rounds”, arranged in a generalized Feistel network.

VOCAL offers a wide range of cryptographic solutions in both hardware and software form factors. Please contact us to discuss your application security requirements.